From d562cef02a1ea65428630ee5fb6189b5c3df0b10 Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Feb 11 2008 23:09:36 +0000 Subject: - Allow fail2ban to create sock_files in /var/run --- diff --git a/policy-20070703.patch b/policy-20070703.patch index c35009f..91af15f 100644 --- a/policy-20070703.patch +++ b/policy-20070703.patch @@ -10484,7 +10484,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mail +files_type(mailscanner_spool_t) diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mta.if serefpolicy-3.0.8/policy/modules/services/mta.if --- nsaserefpolicy/policy/modules/services/mta.if 2007-10-22 13:21:39.000000000 -0400 -+++ serefpolicy-3.0.8/policy/modules/services/mta.if 2008-02-11 17:49:24.000000000 -0500 ++++ serefpolicy-3.0.8/policy/modules/services/mta.if 2008-02-11 18:08:28.000000000 -0500 @@ -87,6 +87,8 @@ # It wants to check for nscd files_dontaudit_search_pids($1_mail_t) @@ -10534,7 +10534,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/mta. - userdom_manage_user_home_content_symlinks($1,mailserver_delivery) + userdom_manage_all_users_home_content_dirs(mailserver_delivery) + userdom_manage_all_users_home_content_files(mailserver_delivery) -+ userdom_manage_all users_home_content_symlinks($1,mailserver_delivery) ++ userdom_manage_all users_home_content_symlinks(mailserver_delivery) userdom_manage_user_home_content_pipes($1,mailserver_delivery) userdom_manage_user_home_content_sockets($1,mailserver_delivery) userdom_user_home_dir_filetrans_user_home_content($1,mailserver_delivery,{ dir file lnk_file fifo_file sock_file }) @@ -20821,7 +20821,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdo /tmp/gconfd-USER -d gen_context(system_u:object_r:ROLE_tmp_t,s0) diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/userdomain.if serefpolicy-3.0.8/policy/modules/system/userdomain.if --- nsaserefpolicy/policy/modules/system/userdomain.if 2007-10-22 13:21:40.000000000 -0400 -+++ serefpolicy-3.0.8/policy/modules/system/userdomain.if 2008-02-11 17:21:49.000000000 -0500 ++++ serefpolicy-3.0.8/policy/modules/system/userdomain.if 2008-02-11 18:07:56.000000000 -0500 @@ -29,8 +29,9 @@ ')